Social engineering involves convincing people into giving up valuable information like passwords, personally identifiable information (PII) like social security numbers, banking information, and so on. It's a common method of entry to an organization for ransomware threat groups.